baoyu-comic
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bun runtime to execute a local TypeScript script (
merge-to-pdf.ts) for combining generated images into a PDF document. It also invokes a sibling skill (baoyu-image-gen) via a command-line call to perform image generation. These executions are legitimate within the scope of the skill's workflow and target internal or author-controlled scripts.- [PROMPT_INJECTION]: There is a surface for indirect prompt injection because the skill ingests untrusted user content and incorporates it into various analysis and generation stages. - Ingestion points: User-provided text or markdown files (
source.md). - Boundary markers: Absent; the prompt templates do not employ specific delimiters to isolate user-provided content from the AI's internal instructions.
- Capability inventory: Local file system writes, script execution via Bun, and cross-skill communication for image generation.
- Sanitization: No evidence of input sanitization or filtering of the source content is present before it is used in LLM prompts.
Audit Metadata